You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
75 lines
1.9 KiB
75 lines
1.9 KiB
from pyramid.httpexceptions import HTTPFound |
|
from pyramid.security import remember, forget |
|
from pyramid.view import view_config |
|
|
|
from ordr.models import User |
|
|
|
|
|
@view_config( |
|
context='ordr.resources.RootResource', |
|
permission='view', |
|
) |
|
def welcome(context, request): |
|
''' web root redirects ''' |
|
next = 'orders' if request.user else 'login' |
|
redirect_to = request.resource_url(context, next) |
|
return HTTPFound(redirect_to) |
|
|
|
|
|
@view_config( |
|
context='ordr.resources.RootResource', |
|
name='faq', |
|
permission='view', |
|
renderer='ordr:templates/pages/faq.jinja2' |
|
) |
|
def faq(context, request): |
|
''' displays the FAQ page ''' |
|
return {} |
|
|
|
|
|
@view_config( |
|
context='ordr.resources.RootResource', |
|
name='login', |
|
request_method='GET', |
|
permission='view', |
|
renderer='ordr:templates/pages/login.jinja2', |
|
) |
|
def login(context, request): |
|
''' shows the login page ''' |
|
return {'loginerror': False} |
|
|
|
|
|
@view_config( |
|
context='ordr.resources.RootResource', |
|
name='login', |
|
request_method='POST', |
|
permission='view', |
|
renderer='ordr:templates/pages/login.jinja2', |
|
) |
|
def check_login(context, request): |
|
''' check user credentials ''' |
|
username = request.POST.get('username') |
|
password = request.POST.get('password') |
|
user = ( |
|
request.dbsession |
|
.query(User) |
|
.filter_by(username=username) |
|
.first() |
|
) |
|
|
|
if user and user.is_active and user.check_password(password): |
|
headers = remember(request, user.id) |
|
return HTTPFound(request.resource_url(request.root), headers=headers) |
|
|
|
return {'loginerror': True} |
|
|
|
|
|
@view_config( |
|
context='ordr.resources.RootResource', |
|
name='logout', |
|
permission='view' |
|
) |
|
def logout(context, request): |
|
''' log out of an user ''' |
|
headers = forget(request) |
|
return HTTPFound(request.resource_url(request.root), headers=headers)
|
|
|